Restricted Access Can Lead to Escalation of Privileges
CVE-2024-24739

6.3MEDIUM

Key Information:

Vendor: SAP
Status: SAP BAM (Bank Account Management)
Vendor: CVE Published:; 13 February 2024

Summary

SAP Bank Account Management (BAM) allows an authenticated user with restricted access to use functions which can result in escalation of privileges with low impact on confidentiality, integrity and availability of the application.

Affected Version(s)

SAP BAM (Bank Account Management) SAP_FIN 618

SAP BAM (Bank Account Management) SAP_FIN 730

SAP BAM (Bank Account Management) S4CORE 100

References

https://me.sap.com/notes/2637727

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-...

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 13, 2024
Vulnerability Reserved
Jan 29, 2024